Although system intrusions by external hackers (foreign governments, hacktivist entities, lone wolves, etc.) grab most of the headlines, it remains an underpublicized fact that one of the most common causes of data breaches is an internal exposure – the rogue employee. According to The Wall Street Journal, a recent report found that almost one in three data breaches occurs because of insider activity. Smart hiring and checks and balances in a management hierarchy are still extraordinarily valuable and remain the most fundamental protections against such risks, but companies are increasingly recognizing that investing time and resources into processes and systems that help detect internal threats is a valuable use of human and economic capital.
Many financial services companies have either developed internal analytics and processes in recent years or have turned to outside providers such as ObserveIT, Tripwire and others to identify and document such threats, and companies in retail, entertainment and other vulnerable sectors are increasingly doing so as well. Some of the most valuable capabilities of such systems are the ability to track user activity trends and notify the company of deviations from such trends, the ability to take screen captures of suspicious activity, the ability to link unusual activity to identify conspirators, the ability to identify links between user access to internal information and their online activity, etc. Such enhanced analytics can provide compelling feedback, especially once the system has been in operation for enough time to develop a statistically significant sample of user activity data.
Bolstering internal systems and processes is unquestionably a valuable undertaking, but a Privacy Liability insurance program can provide crucial backstop protection against these types of risks if properly structured. However, many policies contain exclusions that are problematic for coverage if not negotiated away by the broker. Contact Simkiss & Block to see how protection can be customized to your company’s needs.